Information Disclosure in TYPO3 CMS

2024-06-0515:11:36

GitHub Advisory Database

github.com

information disclosure

typo3

api

security vulnerability

7.1 High

AI Score

Confidence

Low

HTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called endpoint.

Affected configurations

Vulners

Node

typo3cms_poll_system_extensionRange<8.7.5

typo3cms_poll_system_extensionRange<7.6.22

CPENameOperatorVersion
typo3/cmslt8.7.5
typo3/cmslt7.6.22

CPE	Name	Operator	Version
	typo3/cms	lt	8.7.5
	typo3/cms	lt	7.6.22

github.com/advisories/GHSA-c7p6-3c9c-f88q

github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-3.yaml

typo3.org/security/advisory/typo3-core-sa-2017-006

7.1 High

AI Score

Confidence

Low